-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Mark,
On 6/3/15 3:53 PM, Mark Thomas wrote:
> On 03/06/2015 20:48, Christopher Schultz wrote:
>
> <snip/>
>
>> I don't understand the underlying reasons why Tomcat treats
>> symlinks specially...
>
> <snip/>
>
> It is to do with case sensitivity on non case sensitive file
> systems. The check we have to add on Windows to stop things like
> JSP source disclosure by requesting /index.Jsp also blocks
> symlinks.
>
> Removing that check (and hence enabling symlinks) is safe on a
> case sensitive file system and unsafe on a non-case sensitive file
> system.
Is that protection require something that can be detected by software,
and then only applied when necessary?
For instance, most UNIX filesystems have symlinks and case-sensitive
filesystems, and these checks would not be necessary. Plus, users in
those environments are quite used to using symlinks in place of real
files.
Windows users rarely use symbolic links, and have a case-sensitive
filesystem, and these checks are certainly necessary. Prohibiting
symbolic linking (by default) in this environment is probably okay.
Mac OS X is a bit odd in that it's got all of the great things about a
traditional UNIX filesystem except that it's got a better chance of
being case-insensitive because HFS+ allows both semantics, but the
default is unfortunately case-insensitive. In this environment, it's
probably okay to prevent symbolic links unless he user forces them
back on.
The obvious way to check for case-sensitivity would be to create a
file in the work directory with a certain name in mixed-case like
"TestFile.txt" and then try to open it with an all-lowercase name
("textfile.txt") and see if it exists. Then, we could enable or
disable this kind of checking.
Does anyone have any comments about something like that?
We probably have a lot of places where we "resolve" filenames but I'm
guessing we don't have a single utility method to do the work;
probably just new File(new File(file).getCanonicalPath()) or something
like that wherever it's needed. If we unified all those accesses in a
single place, it would be easy to change these semantics for different
environments.
- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
Comment: GPGTools - http://gpgtools.org
iQIcBAEBCAAGBQJVb2o/AAoJEBzwKT+lPKRY6REQALYt4gPup33oDcMo6Rp6kW7P
3OFP4M3fGcYZ4tu3aFI+wlGhp/ikBwNUMCFoLrtITIbNJ6EDl4KZOUUdUUjldjd0
uFHC8AQcKoU62Z36vUYknmTmtD39/ibQJ6orv6/L6sN5UZE5fYTIwkw/qN1VEwCk
YCLGK+oJl3daYEuo4md4IVeGPOWC9COQ5VPY/OVfHk4m/cfRWCdTwjsFcs256wKj
kgTBWiZaclr8zVaTCUWVdyUAahdzJ7k90Sp1anZpJUm1XKOC8ySc3z5ygvep1JZD
3IBB49QZXYwQuVj43t96QzxcRmBUf+KeaZ7QLfi/+cIonhy5uLoMxzON/njZtvIC
TTQhPJjE53wIcqHttI7BgiwqvgmuSJHAhlFc39sHWQFqqgxDBudoGngfK9BITd/Y
oxg+at2IZaTfM9JM7kirt/oppUkif1tELaU44iJFT4vnVTLRZ3AvxBOG6mOWoWkx
5+pIzoOlOmQdhZUxQS3ziX+QDt3wz8vb6Y0EMuUCqc3wEHLeLkoeTguPIE2YQopN
zh5y1eZ9mlGppXoRxHrnvtRPtxsXTQnEakyMGGcY2oQOmsl5TLvrJfMLmeoM5UIv
sGdoy6kg5fuxWQRxIj2JcOgmgmS5wTCyV4K0dYm4z0NLp08THivEMVaVgBkEplZL
9kVcfiuD4aNCn5HXzCNd
=3XAR
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
